Reading time: 3 minutes

Cloud computing is becoming the primary platform for web applications and the online distribution of increasingly complex and sensitive data. For many companies, cloud computing contracts inadequately address privacy and security risks. It is imperative that if your business is entering into a contract with a cloud computing vendor, the contract clearly sets out liability clauses and mitigates unique risks that arise from this form of technology.

IT contracts for cloud services differ substantially from traditional contracting models. From a technical perspective, IT infrastructure capacity is highly elastic. Elasticity means cloud server capacity can be dynamically reconfigured to adjust to a variable load depending on how many users are accessing data. Accordingly, there is an elimination of an up-front commitment by clients as they often pay only for what they use, compared to traditional IT hosting. These characteristics highlight not only the illusion of infinite resources but also how the location of data processing is not always known, predetermined or agreed to contractually.

Dude, Where’s My Data?

The physical location of data, coupled with its virtual state in the cloud, raises several issues regarding the validity of cross-border contracts and data security. Unlike traditional IT contracts whereby the law governing the Service Level Agreement and the choice of court in dispute resolution is clear, cloud computing raises new challenges. Given the potential movement of data across multiple jurisdictions, and the consequential inconsistency of confidentiality protection in differing jurisdictions, a client may find that their data may not be entitled to the same protection as contractually obliged. It is imperative that each cloud computing contract is drafted specifically for the vendor and the client.  Vendors should offer comprehensive and unambiguous jurisdiction clauses, including a list of the regulations and statutes that govern the site where data is stored and how compliance is executed.  

As the processing of data in the cloud can take place across different servers in different countries, or in a shared-tenancy cloud-computing environment, privacy concerns are paramount. The Privacy Act 1988 (Cth),  USA PATRIOT Act and European Union Data Privacy Directive all vary in coverage and effect of data protection and privacy. For Australian cloud computing vendors, consideration of the Australian Privacy Principles (APPs) is also a requirement.

What Should I Look For In A Cloud Computing Contract?

If you are a client using cloud computing technology, you can minimise the risk of security breaches by conducting your due diligence procedures such as knowing where your data is stored, and ensuring protocols are implemented to monitor continuously vendors and how data is handled.

Most shrink-wrap and click-wrap agreements only allow clients to view the terms and conditions of the contract after purchase. As these contracts may involve limited liability clauses or vendor subcontracting agreements, clients are not often given an opportunity to negotiate their terms and to scrutinise the terms of their licenses closely. If you are considering entering a cloud computing contract, you should use your power to negotiate how your software is installed to comply with your requirements,  and how data is stored and processed.

Key Takeaways

The innovation of cloud computing presents unique complexities and legal implications. Cloud computing clients should carefully scrutinise their contract before signing to ensure they understand the location and method of data storage. Our IT lawyers can assist with drafting or reviewing cloud computing contracts.

Questions? Get in touch on 1300 544 755.


COVID-19 Vaccines In The Workplace

Thursday 10 February | 11:00 - 11:45am

Can you compel employees to have a COVID-19 vaccine? Understand your rights and responsibilities as an employer. Register today for our free webinar.
Register Now

Preventing Wage Underpayment In Your Franchise

Wednesday 16 February | 11:00 - 11:45am

Learn how to identify and prevent wage underpayment in your franchise. Register today for our free webinar.
Register Now

How to Prevent and Manage Commercial Contract Disputes

Thursday 24 February | 11:00 - 11:45am

Learn how to prevent and manage common commercial contract disputes. Register today for our free webinar.
Register Now

About LegalVision: LegalVision is a commercial law firm that provides businesses with affordable and ongoing legal assistance through our industry-first membership.

By becoming a member, you'll have an experienced legal team ready to answer your questions, draft and review your contracts, and resolve your disputes. All the legal assistance your business needs, for a low monthly fee.

Learn more about our membership

Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

Our Awards

  • 2020 Excellence in Technology & Innovation Finalist – Australasian Law Awards
  • 2020 Employer of Choice Winner – Australasian Lawyer
  • 2021 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review
  • 2021 Law Firm of the Year - Australasian Law Awards
  • 2019 Most Innovative Firm - Australasian Lawyer